Overview
WooCommerce is the most widely deployed e-commerce platform on the web, powering a large proportion of WordPress-based online stores from small direct-to-consumer operations to substantial mid-market retailers. Built as a WordPress plugin, WooCommerce inherits WordPress's vast installation base and its flexibility — the same platform that runs a simple five-product store can, with the right configuration and extensions, manage complex catalogues, subscription products, variable pricing, and multi-location fulfilment. For businesses operating WooCommerce stores who need to connect their shop to ERP systems, fulfilment providers, inventory management, accounting software, or custom operational tools, WooCommerce integration is the bridge between the e-commerce frontend and the operational back-office.
The WooCommerce REST API provides programmatic access to the core WooCommerce data model — orders, products, customers, categories, tax rates, shipping zones, coupons, and the reports that aggregate store performance data. The API follows REST conventions with JSON request and response bodies, consistent resource URL patterns, and webhook support for real-time event notification. Authentication uses OAuth 1.0a for non-HTTPS connections and Basic authentication (consumer key and secret) for HTTPS connections — the latter being the standard for production integrations.
WooCommerce's extensibility through plugins creates both flexibility and integration complexity. The store's actual data model may differ substantially from the base WooCommerce schema depending on which plugins are active — WooCommerce Subscriptions adds subscription objects and billing cycles, WooCommerce Bookings adds bookable products and appointments, WPML adds multi-language product translations, ACF adds custom product fields. Integrations that need to access plugin-extended data must handle the REST API extensions or custom endpoints that each plugin adds alongside the core WooCommerce API.
We build WooCommerce integrations for online retailers, fulfilment operations, and technology companies that need to connect their WooCommerce stores to external systems — covering order management, inventory synchronisation, product catalogue management, customer data, and the operational automation that scales WooCommerce operations beyond manual administration.
What WooCommerce Integration Covers
WooCommerce REST API authentication. WooCommerce uses consumer key and secret authentication for its REST API.
API key generation: the WooCommerce API keys generated in the WordPress admin under WooCommerce → Settings → Advanced → REST API. Each key has a description, a user association, and a permission level — Read, Write, or Read/Write. The consumer key (starting with ck_) and consumer secret (starting with cs_) generated at key creation time — the consumer secret is only shown once and must be stored securely.
HTTPS Basic authentication: the recommended authentication method for production integrations over HTTPS. The consumer key passed as the HTTP Basic authentication username and the consumer secret as the password — Authorization: Basic {base64(consumer_key:consumer_secret)}. The Base64-encoded credentials in the header of every API request.
OAuth 1.0a: the alternative authentication for non-HTTPS connections. The OAuth 1.0a request signing with the consumer key, consumer secret, nonce, timestamp, and signature method. The OAuth headers required on every request. Relevant for development environments without HTTPS — production deployments should always use HTTPS Basic authentication.
Query string authentication: the consumer_key and consumer_secret passed as URL query parameters as an alternative to header authentication. Less secure than header authentication — query parameters appear in server logs. Useful for testing but not recommended for production.
Orders API. Reading and managing WooCommerce orders.
Order retrieval: the GET /wp-json/wc/v3/orders endpoint for listing orders with query parameters. The status parameter for filtering by order status — pending, processing, on-hold, completed, cancelled, refunded, failed. The after and before parameters for date range filtering using ISO 8601 datetime strings. The modified_after parameter for incremental synchronisation — retrieving only orders modified since the last sync. The per_page parameter (up to 100) and page parameter for pagination.
Order detail: the GET /wp-json/wc/v3/orders/{id} endpoint for a specific order. The complete order object with line_items (product details, quantities, prices, taxes), shipping_lines, billing and shipping address objects, payment_method, payment_method_title, transaction_id, total, total_tax, status, customer_id, customer_note, and meta_data (custom order meta including plugin-added data).
Order meta data: the meta_data array in the order object — the key-value pairs added by WooCommerce plugins and custom code. The integration that reads specific meta keys to access plugin-extended order data — the shipping method details added by a shipping plugin, the VAT number added by a EU VAT plugin, the custom fields added by checkout customisation plugins.
Order update: the PUT /wp-json/wc/v3/orders/{id} endpoint for updating order fields — changing the status, adding a note, updating the tracking number via meta_data. The status update that marks an order as completed when the fulfilment provider confirms shipment.
Order notes: the POST /wp-json/wc/v3/orders/{id}/notes endpoint for adding notes to an order — customer-visible notes that appear in order confirmation emails and the customer's account, and private notes visible only to shop administrators. The order note that records the tracking number, the fulfilment confirmation, or any relevant operational information.
Order refunds: the POST /wp-json/wc/v3/orders/{id}/refunds endpoint for creating partial or full refunds on an order. The refund with amount, reason, line_items for product-level refunds, and api_refund flag for triggering payment gateway refund.
Products API. Reading and managing the WooCommerce product catalogue.
Product listing: the GET /wp-json/wc/v3/products endpoint for listing products with filtering by status, category, tag, type, and date. The product types — simple, variable, grouped, external, subscription (WooCommerce Subscriptions), bundle (WooCommerce Bundles). The status values — publish (live), draft, private, pending.
Product detail: the GET /wp-json/wc/v3/products/{id} endpoint for a specific product — the full product object with sku, name, description, short_description, regular_price, sale_price, stock_quantity, stock_status, manage_stock, weight, dimensions, categories, tags, images, attributes, and meta_data.
Product creation and update: the POST /wp-json/wc/v3/products endpoint for creating products and the PUT /wp-json/wc/v3/products/{id} endpoint for updates. The product payload with the fields to create or update. The bulk update endpoint POST /wp-json/wc/v3/products/batch for updating multiple products in a single request — the update array with product ID and changed fields, the create array for new products, and the delete array of IDs to delete.
Product variations: the GET /wp-json/wc/v3/products/{id}/variations endpoint for the variations of a variable product — each variation with its own sku, price, stock_quantity, attributes (the specific attribute values that define the variation), and image. The PUT /wp-json/wc/v3/products/{id}/variations/{variation_id} endpoint for updating a specific variation. The variations batch endpoint for bulk variation updates.
Inventory management. Synchronising stock levels between WooCommerce and external systems.
Stock update: the PUT /wp-json/wc/v3/products/{id} endpoint with stock_quantity and manage_stock: true for updating a simple product's stock level. The variation stock update via PUT /wp-json/wc/v3/products/{product_id}/variations/{variation_id} with stock_quantity. The stock_status field — instock, outofstock, onbackorder — for products where exact quantity management is not required.
Batch stock update: the POST /wp-json/wc/v3/products/batch endpoint for updating stock levels across many products simultaneously — the bulk inventory sync that updates all products in minimal API calls. The batch request with the update array containing product ID and stock_quantity for each product.
Stock events via webhooks: the product.updated webhook that fires when a product's stock changes — the real-time notification that external inventory systems use to stay aligned with WooCommerce's stock levels.
Customer data. Reading and managing WooCommerce customer records.
Customer retrieval: the GET /wp-json/wc/v3/customers endpoint for listing customers with filtering by email, role, and date. The GET /wp-json/wc/v3/customers/{id} endpoint for a specific customer — the customer object with email, first_name, last_name, billing and shipping address objects, orders_count, total_spent, and meta_data.
Customer creation: the POST /wp-json/wc/v3/customers endpoint for creating a WooCommerce customer account programmatically — the account creation that the integration uses when importing customers from another system.
WooCommerce webhooks. Real-time event delivery for order, product, and customer changes.
Webhook registration: the POST /wp-json/wc/v3/webhooks endpoint for creating webhook subscriptions programmatically. The webhook with name, topic (the event type), delivery_url (the receiving endpoint), and secret (for signature verification). Alternatively, webhooks configured in the WordPress admin under WooCommerce → Settings → Advanced → Webhooks.
Webhook topics: the WooCommerce webhook event types — order.created, order.updated, order.deleted, order.restored for order events; product.created, product.updated, product.deleted, product.restored for product events; customer.created, customer.updated, customer.deleted for customer events; coupon.created, coupon.updated, coupon.deleted for coupon events.
Webhook payload: the JSON payload sent to the delivery URL when the event occurs. The payload containing the full object data at the time of the event — the complete order object for order events, the complete product object for product events.
Webhook signature: the X-WC-Webhook-Signature header in every WooCommerce webhook request — the Base64-encoded HMAC-SHA256 of the raw request body using the webhook's secret. The mandatory signature validation that confirms the webhook originated from WooCommerce before processing.
Webhook delivery and retry: WooCommerce retries failed webhook deliveries up to 5 times with increasing delays. The idempotent webhook handler that uses the X-WC-Webhook-ID and X-WC-Webhook-Delivery-ID headers to detect and skip duplicate deliveries.
WooCommerce custom endpoints and plugin data. Accessing plugin-extended data through the WooCommerce REST API.
WooCommerce Subscriptions: the /wp-json/wc/v3/subscriptions endpoint added by the WooCommerce Subscriptions plugin for programmatic subscription management. The subscription object with status, billing_period, billing_interval, next_payment_date, line_items, and parent_id (the original order). The subscription lifecycle events — subscription.created, subscription.updated, subscription.renewed.
Custom meta data: the meta_data array present on orders, products, and customers for accessing custom field data. The meta key lookup for specific plugin or custom data — the _billing_vat_number meta key from a VAT plugin, the _tracking_number meta key from a shipping plugin, the custom field keys from Advanced Custom Fields or WooCommerce checkout field customisations.
WordPress REST API extension: the WooCommerce REST API built on the WordPress REST API infrastructure — the same authentication and endpoint conventions applying to custom endpoints registered by WordPress plugins. The custom REST endpoint registered by a bespoke plugin that extends WooCommerce with business-specific functionality.
WooCommerce REST API rate limits and performance. Managing API performance for high-volume operations.
Server-level rate limits: WooCommerce itself does not enforce API rate limits — rate limiting is handled at the server level (nginx, Apache, hosting platform). The integration that respects the hosting environment's limits and implements backoff when throttled.
Batch operations: the POST /wp-json/wc/v3/products/batch, POST /wp-json/wc/v3/orders/batch, and POST /wp-json/wc/v3/customers/batch endpoints for creating, updating, or deleting multiple resources in a single request — reducing the number of API calls required for bulk operations.
Pagination efficiency: the maximum per_page value of 100 for list endpoints — the most efficient page size for full dataset retrieval. The X-WP-TotalPages and X-WP-Total response headers that indicate the total number of pages and records for the current query.
Direct database access. For integrations that require data not accessible through the REST API.
WooCommerce database structure: the WordPress database tables that WooCommerce uses — wp_posts and wp_postmeta for orders and products (the legacy CPT-based storage), wp_woocommerce_order_items and wp_woocommerce_order_itemmeta for order line items, wp_wc_orders and related tables for the HPOS (High Performance Order Storage) schema introduced in WooCommerce 7+. The database schema that direct SQL queries must target correctly.
HPOS compatibility: WooCommerce's High Performance Order Storage (HPOS) migration that moves orders from WordPress post tables to dedicated order tables. The integration that correctly handles both the legacy CPT schema and the HPOS schema depending on the WooCommerce version and configuration of the target store.
Integration Patterns
Order processing pipeline. The integration that captures WooCommerce orders and routes them to fulfilment — the order.created and order.updated webhooks that deliver new and updated orders to the fulfilment system, the order update that posts tracking numbers back to WooCommerce, and the completed status update that triggers WooCommerce's shipment confirmation email to the customer.
Inventory synchronisation. The bidirectional stock sync — WooCommerce sales that reduce stock, warehouse goods receipts that increase it, and the scheduled or event-driven synchronisation that keeps both systems aligned. The batch stock update for full resync after a counting cycle, and the webhook-driven real-time update for individual stock changes.
Product catalogue synchronisation. The PIM, ERP, or product data system as the product master — product data created or updated in the central system synchronised to WooCommerce's product catalogue. The batch product creation for initial catalogue import, the incremental update for ongoing changes.
Accounting integration. WooCommerce orders flowing to accounting systems — the order data including taxes, discounts, and payment method mapped to the accounting system's journal entry or invoice format. The daily batch that posts yesterday's completed orders to the accounting system, or the webhook-driven real-time posting for each order as it completes.
Technologies Used
- C# / ASP.NET Core — WooCommerce integration using
WooCommerceNETlibrary or direct HTTP client - PHP — WooCommerce integration for PHP-based systems using the official
automattic/woocommercePHP client or direct WordPress plugin development - TypeScript / Node.js — WooCommerce integration using the
@woocommerce/woocommerce-rest-apinpm package - Python — WooCommerce integration using the
woocommercePyPI package for data pipelines and operational scripts - Rust / Axum — high-performance WooCommerce webhook processing and data pipeline for high-volume stores
- REST / HTTP — WooCommerce REST API communication
- OAuth 1.0a / Basic Auth — WooCommerce API authentication
- Webhooks — real-time order, product, and customer event delivery
- HMAC-SHA256 — WooCommerce webhook signature validation
- SQL (MySQL / MariaDB) — direct WooCommerce database access where REST API coverage is insufficient
- Redis — webhook deduplication, order state, stock cache, rate limit management
- Hangfire / scheduled jobs — inventory sync scheduling, order batch processing, catalogue synchronisation
- Docker — containerised integration service deployment
- GitHub Actions — CI/CD pipeline for integration service deployment
WooCommerce Integration Considerations
WooCommerce's WordPress foundation introduces some integration considerations that platform-specific e-commerce systems like Shopify do not share.
Plugin variability. The WooCommerce store's actual behaviour and data model depends heavily on which plugins are active. Two WooCommerce stores may have substantially different checkout flows, different order meta data, different product types, and different REST API extensions depending on their plugin configurations. Integrations should be designed to handle the specific plugins active on the target store rather than assuming a baseline WooCommerce configuration.
Hosting environment variation. WooCommerce stores run on a wide range of hosting environments — shared hosting, managed WordPress hosting, VPS, dedicated servers — with different performance characteristics and different API response times. The integration timeout configuration and retry logic should account for the variability of WooCommerce hosting environments.
HPOS migration. WooCommerce's ongoing migration from the legacy CPT order storage to HPOS affects direct database integrations. Integrations that query the database directly rather than using the REST API need to handle both the legacy and HPOS schemas correctly.
WooCommerce Connected to Your Operations
WooCommerce integrations built to production standards — correct consumer key and secret authentication, HMAC-signed webhook processing with idempotent delivery handling, batch operations for high-volume product and order synchronisation, plugin meta data access for extended WooCommerce data, inventory synchronisation that prevents overselling, and the operational reliability that e-commerce fulfilment depends on.